Phishing E-Mail Targets York University Students
Some students of York University while checking their e-mail accounts may find fraudulent e-mails that claim to come from individuals of the university but try to obtain sensitive personal details, as per the recent warning from the university officials.
Furthermore, in some instances, the fraudulent senders are purporting to be from the York University IT helpdesk and trying to dupe the students into sharing their passwords. E-mail addresses belong to black cat community, an underground forum for spyware, spammers and other attackers.
Chris Russel, Director of IT Infrastructure for York University, states that individuals, who have performed this kind of activity of phishing could be seeking to fulfill a number of purposes. These could relate to seeking personal information to commit identity theft, probably the greatest offense of the kind, or to distribute spam mails from illegally accessed account, as reported by Excalibur on September 16, 2008.
Russel further says that spammers have a strong demand for esteemed e-mail accounts like those from Yorkmail because they manage to bypass the Yorkmail users' built-in spam filters with relative ease than the filters set up for free accounts.
Meanwhile, it is not clear as to how many people in the university have affected; however, no private details of faculty and students have leaked as the reply IDs are redirected, according to the officials.
Also, according to the officials, anyone, who receives a message pretending to be from the university and asking for users' passwords via e-mail, should immediately know that it is not legitimate, and therefore should not answer it. However, there is only a small percentage of people who answer spam mails but even if that small percentage replies, it covers the little cost that is incurred for spamming; thereby, maintaining the spammers' interest in the activity.
Meanwhile, spamming activity in the form of phishing scams has considerably increased during the past six months from March to August 2008 in different universities. One such scam was circulating the inboxes of Kent State University during 2nd week of September 2008. Nevertheless, people should realize that no IT group in any university would any time disburse notification to inmates asking to provide their passwords.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 24-09-2008